Описание
Security update for jasper
This update for jasper fixes the following issues:
- CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757).
- CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
- CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
- CVE-2021-26926: Fixed an out of bounds read in jp2_decode() (bsc#1182105).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP3
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
SUSE Linux Enterprise Real Time 15 SP2
openSUSE Leap 15.3
openSUSE Leap 15.4
Ссылки
- Link for SUSE-SU-2022:1479-1
- E-Mail link for SUSE-SU-2022:1479-1
- SUSE Security Ratings
- SUSE Bug 1182104
- SUSE Bug 1182105
- SUSE Bug 1184757
- SUSE Bug 1184798
- SUSE CVE CVE-2021-26926 page
- SUSE CVE CVE-2021-26927 page
- SUSE CVE CVE-2021-3443 page
- SUSE CVE CVE-2021-3467 page
Описание
A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash.
Затронутые продукты
Ссылки
- CVE-2021-26926
- SUSE Bug 1182105
Описание
A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service.
Затронутые продукты
Ссылки
- CVE-2021-26927
- SUSE Bug 1182104
Описание
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
Затронутые продукты
Ссылки
- CVE-2021-3443
- SUSE Bug 1184798
Описание
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
Затронутые продукты
Ссылки
- CVE-2021-3467
- SUSE Bug 1184757